Merge pull request #37 from mimblewimble/audit_fixes

Updates based on audit
mimblewimble · Dec 28, 2018 · 73617d0 · 73617d0
2 parents 768ff85 + 6b5bbf6
commit 73617d0
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/src/modules/aggsig/main_impl.h b/src/modules/aggsig/main_impl.h
@@ -220,6 +220,7 @@ int secp256k1_aggsig_sign_single(const secp256k1_context* ctx,
     ARG_CHECK(sig64 != NULL);
     ARG_CHECK(msg32 != NULL);
     ARG_CHECK(seckey32 != NULL);
+    ARG_CHECK(seed != NULL);
 
     /* generate nonce if needed */
     if (secnonce32==NULL){
@@ -401,6 +402,7 @@ int secp256k1_aggsig_add_signatures_single(const secp256k1_context* ctx,
     VERIFY_CHECK(ctx != NULL);
     ARG_CHECK(sig64 != NULL);
     ARG_CHECK(sigs != NULL);
+    for (i=0;i<num_sigs;i++) ARG_CHECK(sigs[i] != NULL);
     ARG_CHECK(pubnonce_total != NULL);
     (void) ctx;
 
@@ -568,8 +570,13 @@ int secp256k1_aggsig_verify_single(
     cbdata.single_hash = sighash;
 
     scratch = secp256k1_scratch_space_create(ctx, 1024*4096);
+    if (scratch == NULL){
+        return 0;
+    }
+
     /* Compute sG - eP, which should be R */
     if (!secp256k1_ecmult_multi_var(&ctx->ecmult_ctx, scratch, &pk_sum, &g_sc, secp256k1_aggsig_verify_callback_single, &cbdata, 1)) {
+        secp256k1_scratch_space_destroy(scratch);
         return 0;
     }
 
@@ -603,7 +610,6 @@ void secp256k1_aggsig_context_destroy(secp256k1_aggsig_context *aggctx) {
     free(aggctx->pubkeys);
     free(aggctx->secnonce);
     free(aggctx->progress);
-    secp256k1_rfc6979_hmac_sha256_finalize(&aggctx->rng);
     free(aggctx);
 }
 

diff --git a/src/modules/bulletproofs/main_impl.h b/src/modules/bulletproofs/main_impl.h
@@ -237,6 +237,7 @@ int secp256k1_bulletproof_rangeproof_prove(
         int overflow;
         secp256k1_scalar_set_b32(&blinds[i], blind[i], &overflow);
         if (overflow || secp256k1_scalar_is_zero(&blinds[i])) {
+            secp256k1_scratch_deallocate_frame(scratch);
             return 0;
         }
 
@@ -261,11 +262,17 @@ int secp256k1_bulletproof_rangeproof_prove(
 
     if (t_one != NULL) {
         tge = malloc(2*sizeof(secp256k1_ge));
+        if (tge == NULL){
+            secp256k1_scratch_deallocate_frame(scratch);
+            return 0;
+        }
         if (tau_x != NULL) {
             if (!secp256k1_pubkey_load(ctx, &tge[0], t_one)) {
+                secp256k1_scratch_deallocate_frame(scratch);
                 return 0;
             }
             if (!secp256k1_pubkey_load(ctx, &tge[1], t_two)) {
+                secp256k1_scratch_deallocate_frame(scratch);
                 return 0;
             }
         }